You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

new HJT log

The main problem seems to be with this stupid "search inqwire" series of pop ups i keep receiving. I have run Ad-Aware, as well as Spy Sweeper.... neither of these programs seems to do anything about it. Thanks for the help

BC AdBot (Login to Remove)

When we're done cleaning off your system, i'd recommend that you install all the critical windows updates available from Microsoft, upto service pack 1. This will help to make your system more secure and prevent many 'problems' from reoccuring in the future.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there'sanything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browserswhen you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') isenabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. Whenyou click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search systemfolders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you useor want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that wethink is bad to keep

Find the following files/folders and delete them (don't worry if they are already gone):C:\WINDOWS\SYSTEM32\uhy89.dllNow search for these files and delete all instances. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.svcnet.exeStep #5

Start CCleaner and click on the Run Cleaner button in the lower right-hand corner. When it is finished close CCleaner.

Download and Install AdAware SE Personal, keeping the default options. However, some of the settings will need to be changed before your first scan.

Close ALL windows except Ad-Aware SE.

Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.

Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window:

In the ‘General’ window make sure the following are selected in green:

Under Safety:

Automatically save log-file

Automatically quarantine objects prior to removal

Safe Mode (always request confirmation)

Under Definitions:

Prompt to update outdated definitions - set the number of days

Click on the ‘Scanning’ button on the left and select in green:

Under Driver, Folders & Files:

Scan Within Archives

Under Select drives & folders to scan:

choose all hard drives

Under Memory & Registry: all green

Scan Active Processes

Scan Registry

Deep Scan Registry

Scan my IE favorites for banned URL’s

Scan my Hosts file

Click on the ‘Advanced’ button on the left and select in green:

Under Shell Integration:

Move deleted files to recycle bin

Under Logfile Detail Level: all green

include addtional object information

DESELECT - include negligible objects information

include environment information

Under Alternate Data Streams:

Don't log streams smaller than 0 bytes

Don't log ADS with the following names: CA_INOCULATEIT

Click the ‘Tweak’ button and select in green:

Under ‘Scanning Engine’:

Unload recognized processes during scanning

Scan registry for all users instead of current user only

Under ‘Cleaning Engine’:

Let Windows remove files in use at next reboot

Under Log Files:

Include basic Ad-aware SE settings in logfile

Include additional Ad-aware SE settings in logfile

Please do not check: Include Module list in logfile

Click on ‘Proceed’ to save the settings.

Click ‘Start’

Choose 'Perform Full System Scan'

DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.

Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.

If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window

Save the log file when it asks and then click ‘Finish’

REBOOT to complete the removal of what Ad-Aware SE found.

Step #8

Your operating system is extremely out of date. By not keeping your OS updated you leave yourself open to many of the infections that cannot be installed on a properly updated system. I strongly recommend that you go to the Windows Update site and install Service Pack 2. Once that is done, go back to the Windows Update site and install all available Critical Updates. This will patch your system with the most current security fixes and plug all the known holes which your present system has open.

Step #9

OK. Reboot your computer normally, start HijackThis and perform a new scan. Use the Add Reply button to post your new log file back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.

OT

I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.OldTimer

Ok, here is the new log file. Everything went smoothly except for the scan by TrendMicro. They found 19000 bad files in the Windows\msview folder. In the past I have tried to remove these files, and everytime I do, my system freezes. One more thing, what's the deal with this CTFMON file that strives so hard to be the bane of my existance?

Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:O2 - BHO: YBIOCtrl Class - {004A5840-FF59-11d2-B50D-0090271D3FD4} - (no file)Now close ALL open windows except HijackThis and click the Fix Checked button to finish the repair.

Now, a couple of other things to take care of.

Your operating system is extremely out of date. By not keeping your OS updated you leave yourself open to many of the infections that cannot be installed on a properly updated system. I strongly recommend that you go to the Windows Update site and install Service Pack 2. Once that is done, go back to the Windows Update site and install all available Critical Updates. This will patch your system with the most current security fixes and plug all the known holes which your present system has open.

I see no anti-virus program installed on this computer. An anti-virus program is your first line of defense in protecting you from malicious attacks. Here are 2 free ones for personal use:

OK. Reboot your computer normally, start HijackThis and perform a new scan. Use the Add Reply button to post your new log file back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.

OT

I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.OldTimer

alright... i thought i would be doing myself a favor by getting some new hardware (motherboard, processor, video card) but now i'm sorta screwed... after i hooked everything up, i needed to use a windows disk to get everything working. I borrowed one from a friend, and now i think it installed multiple versions of windows. although i still have access to all my old files, not many of them seem to want to run. even the updates from windows wont download. Is there any way to restore my old user profile and get rid of the newer version of windows?

ignore the last post... i just backed up my important files, reformatted my hard drive, and just started from scratch... everything is up and running... the only problem is that i can't get the damn sound to work. i have both a front and back speaker hookup. the back i get nothing at all, the front works, but it is extremely quiet. i have updated all the drivers that i could, but still no luck.

i don't know if this helps in anyway, but i ran HJT again and this is what it came up with...

Hi mrfixit. The log looks good. But then it should with a format reinstall. I suggest posting your dirver issue over in the Hardware or XP forums and see what they have to say. they have a pretty broad base of experience over there and if anyone has an answer they would.

Cheers.

OT

Edited by OldTimer, 29 May 2005 - 09:57 PM.

I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.OldTimer